diff --git a/problem_report.py b/problem_report.py
index 769ce3065..046ea9e8f 100644
--- a/problem_report.py
+++ b/problem_report.py
@@ -34,6 +34,9 @@
 GZIP_HEADER_START = b"\037\213\010"
 ZSTANDARD_MAGIC_NUMBER = b"\x28\xB5\x2F\xFD"
 
+# 2**29 is 512 MiB
+COREDUMP_MAX_SIZE = 2**29
+
 
 class MalformedProblemReport(ValueError):
     """Raised when a problem report violates the crash report format.
@@ -278,7 +281,9 @@ def get_value(self) -> bytes:
         assert self.compressed_value is not None
 
         if self.compressed_value.startswith(ZSTANDARD_MAGIC_NUMBER):
-            return _get_zstandard_decompressor().decompress(self.compressed_value)
+            return _get_zstandard_decompressor().decompress(
+                self.compressed_value, max_output_size=COREDUMP_MAX_SIZE
+            )
         if self.compressed_value.startswith(GZIP_HEADER_START):
             return gzip.decompress(self.compressed_value)
         # legacy zlib format
diff --git a/tests/unit/test_problem_report.py b/tests/unit/test_problem_report.py
index 31d53360c..c91c77baf 100644
--- a/tests/unit/test_problem_report.py
+++ b/tests/unit/test_problem_report.py
@@ -322,6 +322,15 @@ def test_reading_zstd_compressed_value(self) -> None:
             b" which is long enough to be compressed\n",
         )
 
+    @unittest.skipUnless(zstandard, "zstandard Python module not available")
+    def test_reading_zstd_compressed_value_nosize(self) -> None:
+        """Test reading zstd-compressed CompressedValue without a size header."""
+        report = problem_report.ProblemReport()
+        content = b"CoreDump: base64\n KLUv/QBYEQAAe30=\n"
+        with io.BytesIO(content) as report_file:
+            report.load(report_file, binary="compressed")
+        self.assertEqual(report["CoreDump"].get_value(), b"{}")
+
     @unittest.skipUnless(zstandard, "zstandard Python module not available")
     def test_writing_zstd_compressed_value(self) -> None:
         """Test writing zstd-compressed CompressedValue."""